How do I run the DHCP service on a domain controller (DC) by using an account other than the DC's account?

A. After you install DHCP on a DC, for security purposes you might want to configure the DHCP service to run under a specific set of credentials other than the DC's computer account. When running on the DC account, the DHCP service could overwrite dynamic records that shouldn't be modified (e.g., the DC's service records), thereby posing a potential security risk.

You can reduce this risk by running the DHCP service under alternate credentials, which you configure by running this command:

netsh dhcp server set dnscredentials <username> <domain> <password>

You can use any account with this command; just make sure to set its password to not expire.

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish